Paul Beesley [Thu, 17 Jan 2019 15:44:37 +0000 (15:44 +0000)]
doc: Add Coding Guidelines document
This content has been imported and adapted from the TF GitHub wiki
article 'ARM-Trusted-Firmware-Coding-Guidelines'.
The aim is to increase the visibility of the coding guidelines by
including them as part of the documentation that is within the TF
repository.
Additionally, the documentation can then be linked to by other
documents in the docs/ directory without worrying about broken links
to, for example, the external wiki.
Change-Id: I9d8cd6b5117b707c1a113baeba7fc5e1b4bf33bc Signed-off-by: Paul Beesley <paul.beesley@arm.com>
plat/arm: Move dynamic xlat enable logic to makefile
The PLAT_XLAT_TABLES_DYNAMIC build option, defined in platform_def.h
in Arm platforms, is checked by several headers, affecting their
behaviour. To avoid issues around the include ordering of the headers,
the definition should be moved to the platform's makefile.
Change-Id: I0e12365c8d66309122e8a20790e1641a4f480a10 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Use full include paths like it is done for common includes.
This cleanup was started in commit d40e0e08283a ("Sanitise includes
across codebase"), but it only cleaned common files and drivers. This
patch does the same to Arm platforms.
Change-Id: If982e6450bbe84dceb56d464e282bcf5d6d9ab9b Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
David Lin [Thu, 24 Jan 2019 22:15:57 +0000 (14:15 -0800)]
spd: trusty: trusty_setup should bail on unknown image
When an unknown Trusty image is found, there's no point of still trying
to register the BL32 init handler. Instead, we just should bail out of
the trusty_setup() and allow the system to continue to boot.
Manish Pandey [Mon, 21 Jan 2019 14:50:10 +0000 (14:50 +0000)]
Make device tree pre-processing similar to U-boot/Linux
Following changes are done to make DT pre-processing similar to that of
U-boot/Linux kernel.
1. Creating seperate CPPFLAGS for DT preprocessing so that compiler
options specific to it can be accommodated.
e.g: "-undef" compiler option avoids replacing "linux" string(used in
device trees) with "1" as "linux" is a pre-defined macro in gnu99
standard.
2. Replace CPP with PP for DT pre-processing, as CPP in U-boot/Linux is
exported as "${CROSS_COMPILE}gcc -E" while in TF-A it is exported as
"${CROSS_COMPILE}cpp".
Dilan Lee [Fri, 27 Oct 2017 01:51:09 +0000 (09:51 +0800)]
Tegra: add 'late' platform setup handler
This patch adds a platform setup handler that gets called after
the MMU is enabled. Platforms wanting to make use of this handler
should declare 'plat_late_platform_setup' handler in their platform
files, to override the default weakly defined handler.
Change-Id: Ibc97a2e5a24608ddea856d0bd543a9d5876f604c Signed-off-by: Dilan Lee <dilee@nvidia.com>
Varun Wadekar [Wed, 15 Nov 2017 23:48:51 +0000 (15:48 -0800)]
Tegra: spe: shared console for Tegra platforms
There are Tegra platforms which have limited UART ports and so
all the components have to share the console. The SPE helps out
by collecting all the logs in such cases and prints them on the
shared UART port.
This patch adds a driver to communicate with the SPE driver, which
in turn provides the console.
Varun Wadekar [Wed, 15 Nov 2017 23:46:38 +0000 (15:46 -0800)]
Tegra: console driver compilation from platform makefiles
This patch includes the console driver from individual platform
makefiles and removes it from tegra_common.mk. This allows future
platforms to include consoles of their choice.
Varun Wadekar [Wed, 8 Nov 2017 22:03:16 +0000 (14:03 -0800)]
Tegra: smmu: change exit criteria for context size calculation
Tegra SoCs currently do not have a SMMU register at address 0xFFFFFFFF.
This patch changes the search criteria, to look for this marker, to
calculate the size of the saved context.
Steven Kao [Tue, 14 Nov 2017 10:52:05 +0000 (18:52 +0800)]
Tegra: memctrl_v2: platform handler for TZDRAM setup
The Tegra memctrl driver sets up the TZDRAM fence during boot and
system suspend exit. This patch provides individual platforms with
handlers to perform custom steps during TZDRAM setup.
Change-Id: Iee094d6ca189c6dd24f1147003c33c99ff3a953b Signed-off-by: Steven Kao <skao@nvidia.com>
Varun Wadekar [Fri, 10 Nov 2017 18:26:57 +0000 (10:26 -0800)]
Tegra186: save system suspend entry marker to TZDRAM
This patch adds support to save the system suspend entry and exit
markers to TZDRAM to help the trampoline code decide if the current
warmboot is actually an exit from System Suspend.
The Tegra186 platform handler sets the system suspend entry marker
before entering SC7 state and the trampoline flips the state back to
system resume, on exiting SC7.
Varun Wadekar [Wed, 8 Nov 2017 22:45:08 +0000 (14:45 -0800)]
Tegra186: helper functions for CPU rst handler and SMMU ctx offset
This patch adds a helper function to get the SMMU context's offset
and uses another helper function to get the CPU trampoline offset.
These helper functions are used by the System Suspend entry sequence
to save the SMMU context and CPU reset handler to TZDRAM.
Varun Wadekar [Wed, 23 Aug 2017 17:19:25 +0000 (10:19 -0700)]
Tegra: bpmp: return error if BPMP init fails
This patch returns error if BPMP initialization fails. The platform
code marks the cluster as "runnning" since we wont be able to get
it into the low power state without BPMP.
Varun Wadekar [Mon, 30 Oct 2017 21:35:17 +0000 (14:35 -0700)]
Tegra: memctrl_v2: platform handler for TZDRAM settings
The Tegra memctrl driver sets up the TZDRAM fence during boot and
system suspend exit. This patch provides individual platforms with
handlers to perform platform specific steps, e.g. enable encryption,
save base/size to secure scratch registers.
Varun Wadekar [Tue, 17 Oct 2017 17:29:24 +0000 (10:29 -0700)]
Tegra186: sanity check target cluster during core power on
This patch sanity checks the target cluster value, during core power on,
by comparing it against the maximum number of clusters supported by the
platform.
Tegra: bpmp_ipc: IPC driver to communicate with BPMP firmware
This patch adds the driver to communicate with the BPMP firmware on Tegra
SoCs, starting Tegra186. BPMP firmware is responsible for clock enable/
disable requests, module resets among other things.
MRQ is short for Message ReQuest. This is the general purpose, multi channel
messaging protocol that is widely used to communicate with BPMP. This is further
divided into a common high level protocol and a peer-specific low level protocol.
The higher level protocol specifies the peer identification, channel definition
and allocation, message structure, message semantics and message dispatch process
whereas the lower level protocol defines actual message transfer implementation
details. Currently, BPMP supports two lower level protocols - Token Mail Operations
(TMO), IVC Mail Operations (IMO).
This driver implements the IMO protocol. IMO is implemented using the IVC (Inter-VM
Communication) protocol which is a lockless, shared memory messaging queue management
protocol.
The IVC peer is expected to perform the following as part of establishing a connection
with BPMP.
1. Initialize the channels with tegra_ivc_init() or its equivalent.
2. Reset the channel with tegra_ivc_channel_reset. The peer should also ensure that
BPMP is notified via the doorbell.
3. Poll until the channel connection is established [tegra_ivc_channel_notified() return
0]. Interrupt BPMP with doorbell each time after tegra_ivc_channel_notified() return
non zero.
The IPC driver currently supports reseting the GPCDMAand XUSB_PADCTL hardware blocks. In
future, more hardware blocks would be supported.
Tegra: memctrl_v2: pack TZDRAM base to RSVD55_SCRATCH
This patch saves the TZDRAM_BASE value to secure RSVD55
scratch register. The warmboot code uses this register to
restore the settings on exiting System Suspend.
Tegra186: mce: get the "right" uncore command/response bits
This patch corrects the logic to read the uncore command/response bits
from the command/response values. The previous logic tapped into incorrect
bits leading to garbage counter values.
This patch modifies the timeout loop to use udelay() instead of
mdelay(). This helps with the boot time on some platforms which
issue a lot of MCE calls and every mdelay adds up increasing the
boot time by a lot.
Sathees Balya [Thu, 15 Nov 2018 14:22:30 +0000 (14:22 +0000)]
plat/arm: Save BL2 descriptors to reserved memory.
On ARM platforms, the BL2 memory can be overlaid by BL31/BL32. The memory
descriptors describing the list of executable images are created in BL2
R/W memory, which could be possibly corrupted later on by BL31/BL32 due
to overlay. This patch creates a reserved location in SRAM for these
descriptors and are copied over by BL2 before handing over to next BL
image.
Also this patch increases the PLAT_ARM_MAX_BL2_SIZE for juno when TBBR
is enabled.
Andrew F. Davis [Tue, 22 Jan 2019 18:39:31 +0000 (12:39 -0600)]
ti: k3: common: Add support for runtime detection of GICR base address
Valid addresses for GICR base are always a set calculable distance from
the GICD and is based on the number of cores a given instance of GICv3 IP
can support. The formula for the number of address bits is given by the
ARM GIC-500 TRM section 3.2 as 2^(18+log2(cores)) with the MSB set to
one for GICR instances. Holes in the GIC address space are also
guaranteed to safely return 0 on reads. This allows us to support runtime
detection of the GICR base address by starting from GIC base address plus
BIT(18) and walking until the GICR ID register (IIDR) is detected. We
stop searching after BIT(20) to prevent searching out into space if
something goes wrong. This can be extended out if we ever have a device
with 16 or more cores.
To accommodate scenarios where we want to use a UART baud rate other than
the default 115,200 allow the associated compiler definition to be set
via the K3_USART_BAUD build option by updating the platform make file.
Since the platform make file now also contains the default value (still
115,200), go ahead and remove the redundant definition from the platform
header file.
Suggested-by: Andrew F. Davis <afd@ti.com> Signed-off-by: Andreas Dannenberg <dannenberg@ti.com>
Andrew F. Davis [Fri, 4 Jan 2019 18:49:16 +0000 (12:49 -0600)]
ti: k3: drivers: ti_sci: Clear receive queue before transmitting
Send and receive currently must be be serialized, any message already in
the receive queue when a new message is to be sent will cause a mismatch
with the expected response from this new message. Clear out all messages
from the response queue before sending a new request.
Signed-off-by: Andrew F. Davis <afd@ti.com> Acked-by: Nishanth Menon <nm@ti.com>
Andrew F. Davis [Thu, 3 Jan 2019 19:23:52 +0000 (13:23 -0600)]
ti: k3: drivers: ti_sci: Add processor shutdown API
This is a pseudo-API command consisting of a wait processor status
command and a set device state command queued back-to-back without
waiting for the System Firmware to ACK either message.
This is needed as the K3 power down specification states the System
Firmware must wait for a processor to be in WFI/WFE before powering
it down. The current implementation of System Firmware does not provide
such a command. Also given that with PSCI the core to be shutdown is the
core that is processing the shutdown request, the core cannot itself wait
for its own WFI/WFE status. To workaround this limitation, we submit
a wait processor status command followed by the actual shutdown command.
The shutdown command will not be processed until the wait command has
finished. In this way we can continue to WFI before the wait command
status has been met or timed-out and the shutdown command is processed.
Signed-off-by: Andrew F. Davis <afd@ti.com> Acked-by: Nishanth Menon <nm@ti.com>
Andrew F. Davis [Tue, 18 Dec 2018 19:21:12 +0000 (13:21 -0600)]
ti: k3: drivers: ti_sci: Add processor status wait API
This TI-SCI API can be used wait for a set of processor status flags to
be set or cleared. The flags are processor type specific. This command
will not return ACK until the specified status is met. NACK will be
returned after the timeout elapses or on error.
Signed-off-by: Andrew F. Davis <afd@ti.com> Acked-by: Nishanth Menon <nm@ti.com>
Harvey Hsieh [Mon, 21 Aug 2017 07:01:53 +0000 (15:01 +0800)]
Tegra: memctrl: clean MC INT status before exit to bootloader
This patch cleans the Memory controller's interrupt status
register, before exiting to the non-secure world during
cold boot. This is required as we observed that the MC's
arbitration bit is set before exiting the secure world.
Varun Wadekar [Wed, 23 Aug 2017 23:02:06 +0000 (16:02 -0700)]
Tegra: use 'PLATFORM_MAX_CPUS_PER_CLUSTER' to calculate core position
This patch updates the plat_my_core_pos() and platform_get_core_pos() helper
functions to use the `PLATFORM_MAX_CPUS_PER_CLUSTER` macro to calculate the
core position.
Harvey Hsieh [Wed, 9 Aug 2017 08:24:40 +0000 (16:24 +0800)]
Tegra: memctrl_v2: pack TZDRAM base into SCRATCH54_LO
This patch moves the TZDRAM base address to SCRATCH55_LO due
to security concerns. The HI and LO address bits are packed
into SCRATCH55_LO for the warmboot firmware to restore.
SCRATCH54_HI is still being used for backward compatibility,
but would be removed eventually.
The scratch registers are populated as:
* RSV55_0 = CFG1[12:0] | CFG0[31:20]
* RSV55_1 = CFG3[1:0]
* RSV54_1 = CFG1[12:0]
Varun Wadekar [Fri, 4 Aug 2017 00:17:00 +0000 (17:17 -0700)]
Tegra: enable 'WARMBOOT_ENABLE_DCACHE_EARLY' flag
This patch enables the 'WARMBOOT_ENABLE_DCACHE_EARLY' flag to enable
D-cache early, during the CPU warmboot sequence. This flag is applicable
for platforms like Tegra, which do not require interconnect programming to
enable cache coherency.
Samuel Payne [Fri, 16 Jun 2017 04:12:45 +0000 (21:12 -0700)]
Tegra210_B01: SC7: Select RNG mode based on ECID
If ECID is valid, we can use force instantiation
otherwise, we should use reseed for random data
generation for RNG operations in SE context save
DNI because we are not keeping software save
sequence in main.
Change-Id: I73d650e6f45db17b780834b8de4c10501e05c8f3 Signed-off-by: Samuel Payne <spayne@nvidia.com>
Varun Wadekar [Thu, 3 Jan 2019 00:30:01 +0000 (16:30 -0800)]
Tegra: trusty: pass profiling base to Trusted OS
* Previous boot loader passes Shared DRAM address
to be used by Trusted OS to dump its boot timing records
* This patch adds support to pass the parameter
to Trusted OS during cold boot
This change ports the software based SE context save routines.
The software implements the context save sequence for SE/SE2 and
PKA1. The context save routine is intended to be invoked from
the ATF SC7 entry.
Varun Wadekar [Thu, 3 Aug 2017 18:19:01 +0000 (11:19 -0700)]
Tegra210: increase number of dynamic memory mappings
This patch increases the MAX_MMAP_REGIONS build flag to allow
Tegra210 platforms to dynamically map multiple memory apertures
at the same time. This takes care of scenarios when we get multiple
requests to memmap memory apertures at the same time.
Tegra: lib: library for profiling the cold boot path
The non secure world would like to profile the boot path for
the EL3 and S-EL1 firmwares. To allow it to do that, a non-secure
DRAM region (4K) is allocated and the base address is passed to
the EL3 firmware.
This patch adds a library to allow the platform code to store the
tag:timestamp pair to the shared memory. The tegra platform code
then uses the `record` method to add timestamps.
Original change by Akshay Sharan <asharan@nvidia.com>
Anthony Zhou [Wed, 26 Jul 2017 09:16:54 +0000 (17:16 +0800)]
Tegra: fix defects flagged by MISRA Rule 10.3
MISRA Rule 10.3, the value of an expression shall not be assigned to
an object with a narrower essential type or of a different essential
type category.
The essential type of a enum member is anonymous enum, the enum member
should be casted to the right type when using it.
Both UL and ULL suffix equal to uint64_t constant in compiler
aarch64-linux-gnu-gcc, to avoid confusing, only keep U and ULL suffix
in platform code. So in some case, cast a constant to uint32_t is
necessary.
Change-Id: I1aae8cba81ef47481736e7f95f53570de7013187 Signed-off-by: Anthony Zhou <anzhou@nvidia.com>
Harvey Hsieh [Thu, 15 Jun 2017 23:28:43 +0000 (16:28 -0700)]
Tegra210: save TZSRAM context from the "_wfi" handler
This patch saves the TZSRAM context and takes the SoC into System Suspend
from the "_wfi" handler. This helps us save the entire CPU context from
the TZSRAM, before entering System Suspend. In the previous implementation
we missed saving some part of the state machine context leading to an assert
on System Suspend exit.
Anthony Zhou [Fri, 7 Jul 2017 06:29:51 +0000 (14:29 +0800)]
Tegra: common: fix defects flagged by MISRA scan
Macro assert(e) request 'e' is a bool type, if useing other
type, MISRA report a "The Essential Type Model" violation,
Add a judgement to fix the defects, if 'e' is not bool type.
Remove unused code [Rule 2.5]
Fix the essential type model violation [Rule 10.6, 10.7]
Use local parameter to raplace function parameter [Rule 17.8]
Change-Id: Ifce932addbb0a4b063ef6b38349d886c051d81c0 Signed-off-by: Anthony Zhou <anzhou@nvidia.com>
Samuel Payne [Mon, 12 Jun 2017 23:38:23 +0000 (16:38 -0700)]
Tegra210: se: disable SMMU before suspending SE block
This patch disables SMMU hardware before suspending the SE
block, for the context save operation to complete. The NS
word will re-enable SMMU when we exit System Suspend.
Change-Id: I4d5cd982ea6780db5c38b124550d847e3928c60d Signed-off-by: Samuel Payne <spayne@nvidia.com>
Anthony Zhou [Wed, 22 Mar 2017 06:42:42 +0000 (14:42 +0800)]
Tegra: pm: fix MISRA defects
Main fixes:
* Use int32_t replace int, use uint32_t replace unsign int
[Rule 4.6]
* Add function define to header file [Rule 8.4]
* Added curly braces ({}) around if statements in order to
make them compound [Rule 15.6]
* Voided non c-library functions whose return types are not used
[Rule 17.7]
Change-Id: Ifa3ba4e75046697cfede885096bee9a30efe6519 Signed-off-by: Anthony Zhou <anzhou@nvidia.com>
projects / arm-tf.git / log